DermCare Management Data Breach Exposes Patients' Social Security Numbers

On February 26, 2025, DermCare Management, the management company for over 70 skincare clinics, identified suspicious activity on their computer systems. So far, 9,724 residents of Texas, 522 of Washington and 255 of Massachusetts were identified as affected.

The organizations acted to secure their network and launched an investigation. By March 3, 2025, it was determined that an unauthorized actor may have copied certain patient information from the network without permission.

The types of information that may have been exposed in this incident include both personally identifiable information (PII) and protected health information (PHI). Specifically, the data potentially compromised includes Social Security numbers, driver’s license numbers, government-issued ID numbers such as passports or state ID cards, financial account information, medical information, and health insurance information.

DermaCare filed a disclosure with the Department of Health and Human Services on May 2, 2025. An additional disclosure was filed with the California Attorney General, the Massachusetts Office of Consumer Affairs and Business Regulation, Texas Attorney General and to the Washington Attorney General starting on April 8, 2026.

Which Partner Practices are Affected?

The following practices have posted data event notices to their websites:

• Berman Skin Institute
• Dania Dermatology
• Hillcrest Plastic Surgery & Dermatology
• Hollywood Dermatology
• Keys Dermatology
• Miami Plastic Surgery
• Rendon Center for Dermatology & Aesthetic Medicine
• Skin & Beauty Center
• Skin Center of South Miami
• Florida Academic Dermatology Center
• Dermatology treatment and Research Center

DermCare Management's response

To support those who may be affected, DermCare Management has established a dedicated assistance line at 833-998-7517, available Monday through Friday from 9 a.m. to 5 p.m. EST (excluding holidays).

The company is also providing guidance on how individuals can monitor their accounts and credit reports, place fraud alerts or security freezes on their credit files, and take other steps to protect their personal information.

Resources include instructions for obtaining free credit reports from Equifax, Experian, and TransUnion, as well as contact information for these agencies and relevant government authorities.

It is recommended that affected individuals remain vigilant for signs of identity theft or fraud. Regularly review your account statements, monitor your credit reports, and consider placing a fraud alert or credit freeze if you suspect your information may have been misused.